Inside the Push to Make Crypto Trading Bots More Secure to Mitigate Risks and Foster User Confidence

The last twelve-odd months have seen the global DeFi ecosystem witness the exponential adoption of AI-driven trading agents, resulting in the creation of a new metric called Assets Under Agent (AUA), which, as the name suggests, tracks funds managed by these bots​. 

In essence, these agents are autonomous systems capable of processing vast troves of data and executing complex strategies far beyond the individual capability of any human, thus signaling a shift from human-managed funds to algorithmic allocation. 

However, as one can imagine, this degree of automation comes with a whole set of issues. For instance, many bots operate as opaque “black boxes,” leaving traders unable to audit their logic and, in the process, creating a trust gap (since users are basically handing over money to systems they cannot fully inspect). 

Furthermore, hackers can exploit them if they can get access to the API keys of the platform interfacing with these bots (emptying them of any funds). In fact, recent reports have described traders losing their money thanks to such breaches and​ Malware-infected trading software capable of compromising these agents and rerouting transactions to third-party wallets.

Even without the threat of such external attacks, AI models are prone to problems. For example, they can be “poisoned” with fake data or fooled by adversarial inputs, leading to poor predictions. 

To this point, one study found that algorithmic agents were capable of colluding, distorting market conditions to create artificial profits. As a result, regulators have issued warnings with the Commodity Futures Trading Commission (CFTC) cautioning crypto investors that many platforms promising guaranteed AI profits should be viewed with a high degree of skepticism.

Security by Design

Within such a high-stakes environment, platforms like Giza have taken a security-first approach with their Autonomous Risk Management Agent (ARMA). Launched on the Base layer-2 network in early 2025, ARMA is a stablecoin yield optimizer that automates positions across multiple lending protocols. 

Perhaps most crucially, Giza’s architecture is designed to be self-custodial, allowing users to keep exclusive control of their funds. In this context, users can grant ARMA permission via ephemeral “session keys” that are strictly time-limited and scoped by protocol. This approach ensures that even if Giza’s servers are compromised, attackers cannot withdraw funds without the user’s explicit approval.  

Alongside such tight permissions, Giza has baked-in solid operational risk management systems into ARMA as a result of which, the offering limits itself to well-vetted, stable lending platforms, avoiding riskier DeFi experiments. Every trade is logged on-chain, creating a transparent history that users can audit. 

Beyond wallets, Giza’s execution model is decentralized, meaning that a network of independent nodes can execute the agent’s computations. These nodes must follow the protocol’s rules and can be financially penalized (slashed) if they misbehave​.

Numbers-wise, one can see that ARMA has already executed tens of thousands of autonomous trades and managed millions in user assets without a single security incident.  Moreover, ARMA seems to be just the first agent rolled out by Giza, with plans for more specialized bots (for example, for real-time restaking or delta-neutral strategies) in the near future. 

Securing tomorrow’s agent-driven future

From the outside looking in, the growth of autonomous trading agents seems unstoppable, but experts have continued to emphasize caution​ , as many of these tools seem to be operating in a regulatory gray zone (all while making extraordinary claims). To help alleviate such concerns, Giza’s ARMA offers a tangible blueprint, one that keeps user keys off its servers, slices agent permissions into narrow scopes, and logs every action on-chain. 

That said, only time will tell whether AI agents will ultimately dominate the crypto market, but Giza’s approach illustrates a key point, i.e., automation demands architecture (and even though AI can unlock new efficiencies, it must run under a “protocol that prioritizes security, adaptability, and user intent”​).